Learn more about implementing VM-Series and Cisco ACI in the newest Did You Know article by Joe Delio. Find useful links and beneficial information about SDNs and how keep them secure with Palo Alto Networks. Got questions? Get answers on Live Community.
Did you know that Palo Alto Networks VM-Series supports Cisco Application-Centric Infrastructure (ACI)?
With more and more companies moving to the cloud and Software-Defined Networking (SDN), Palo Alto Networks wants to ensure that no matter what you are using for your SDN you will be able to use Palo Alto Networks devices to secure and protect your data. You now can use utilize both Virtual and Physical Palo Alto Networks next generation firewalls to secure your ACI enabled data center.
You can use Software Defined Networking (SDN) controllers called Cisco Application Policy Infrastructure Controller (APIC) to deploy the firewall service between Endpoint Groups (EPGs). The APIC can provide a single pane of glass for managing both network topologies and policies while managing connectivity for the entire data center. It will also support inserting hardware or VM-Series firewalls. If you would like to centrally manage those firewalls, then you will need to use Panorama.
High Availability (HA)?
Just in case you were going to ask, Yes, HA can be implemented with ACI. The nice part is that the virtual firewalls to not have dedicated HA ports, so any interface can work for HA1 or HA2.
Where to start?
For more information on Cisco ACI and VPM-Series integration, please see the following links:
Inside of Palo Alto Networks TechDocs website is the VM-Series Deployment Guide that's full of great info about implementing Cisco ACI with VM-Series firewalls.